You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: _GeoJeff_
_GeoJeff_ Author
User level: Level 1
13 points

Rogue mini box email appeared on my iphone

This seems nasty and may help others. Very suddenly my Iphone 6 quit sending out my emails. I was getting a message that my user name or password was incorrect??? Repeat attempts to re-enter them were met with the same message yet email would come in just could not replay or send it back out. Investigating further under advanced settings on email I found something called minibox and a rogue username called spikingfakers@my.minibox.email along with a blocked out password. All attempts to remove it were met with a message saying "server cannot be modified because it is primary outgoing server for account "Weather"". Totally bizarre. I found a reference to the imap issue and tried Settings/General/Profile and was able to delete it and now the email works.

Big question, how did this get into my iphone? why did it attach to the weather server? Who is spikingfakers? what information may have been stolen from my phone? Based on other messages to a similar issue with minibox can ios 11.1.1 keep incidents like this from happening again?

iPhone 6, iOS 11.1

Posted on Nov 13, 2017 6:47 AM

Reply
Question marked as Top-ranking reply
User profile for user: JimmyCMPIT
JimmyCMPIT
User level: Level 7
29,258 points

Posted on Nov 13, 2017 11:23 AM

What you are seeing is a profile and from what I understand the deployment of these are used by corporations to distribute iOS devices to their workforce, unfortunately the simplicity of doing so presents an opportunity to scammers to deploy their own profiles then trick you into installing them - in other words they can't do this without your help but they are not exactly trying to help you make the proper decision.


While the iOS prompts to cancel or ignore can't be tampered with by an App a scam add could generate it's own fake buttons - which could possibly trick you into clicking and facilitating this account into your device.

It's unknown to me what the extent of this profile could do to cause damage, theoretically they could simply harass you by redirecting you to more scam sites, if it was more advanced it's possible they could send your traffic through a VPN, mess with your passcode - again, not sure if the did do this, these are all theoretical and take some sophistication to get this to happen past faking out out at the profile install. From my understanding if you delete that profile any thing it potentially did do is gone with the delete.


what I would suggest at this point for the sake of a possible headache or any other concern you may have is backup the device with iTunes or iCloud then restore to factory

Back up your device with iTunes - Apple Support

Reset your iOS device to factory settings - Apple Support


see this article for more information:

Why Configuration Profiles Can Be As Dangerous As Malware on iPhones and iPads

View in context
5 replies
Question marked as Top-ranking reply
User profile for user: JimmyCMPIT
JimmyCMPIT
User level: Level 7
29,258 points

Nov 13, 2017 11:23 AM in response to _GeoJeff_

What you are seeing is a profile and from what I understand the deployment of these are used by corporations to distribute iOS devices to their workforce, unfortunately the simplicity of doing so presents an opportunity to scammers to deploy their own profiles then trick you into installing them - in other words they can't do this without your help but they are not exactly trying to help you make the proper decision.


While the iOS prompts to cancel or ignore can't be tampered with by an App a scam add could generate it's own fake buttons - which could possibly trick you into clicking and facilitating this account into your device.

It's unknown to me what the extent of this profile could do to cause damage, theoretically they could simply harass you by redirecting you to more scam sites, if it was more advanced it's possible they could send your traffic through a VPN, mess with your passcode - again, not sure if the did do this, these are all theoretical and take some sophistication to get this to happen past faking out out at the profile install. From my understanding if you delete that profile any thing it potentially did do is gone with the delete.


what I would suggest at this point for the sake of a possible headache or any other concern you may have is backup the device with iTunes or iCloud then restore to factory

Back up your device with iTunes - Apple Support

Reset your iOS device to factory settings - Apple Support


see this article for more information:

Why Configuration Profiles Can Be As Dangerous As Malware on iPhones and iPads

Reply

Rogue mini box email appeared on my iphone

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up